Navigate

Check: IDMS-DB-000890

CA IDMS STIG: IDMS-DB-000890 (in versions v1 r2 through v1 r1)

Title

Maintenance for security-related software updates for CA IDMS modules must be provided. (Cat II impact)

Discussion

When a problem is found in IDMS, corrective maintenance is published to correct the problem (including security related problems). Published fixes should be applied to the IDMS system to correct any problems found.

Check Content

Determining which PTFs have been applied, a query can be done to an SMP/E CSI using the IBM SMP/E utility. New and existing PTFs must be reviewed using CA CARS or CSO in a timeframe determined by an authoritative source. If not, this is a finding.

Fix Text

Institute and adhere to policies and procedures to ensure that patches are consistently applied to the IDMS within the time allowed.

Additional Identifiers

Rule ID: SV-251650r855289_rule

Vulnerability ID: V-251650

Group Title: SRG-APP-000456-DB-000390

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-002605	The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SI-2	Flaw Remediation